[Mailman-Users] OT - Smart .forward replacement?

Stephen J. Turnbull turnbull.stephen.fw at u.tsukuba.ac.jp
Wed Nov 28 20:50:50 EST 2018

Mark Sapiro writes:
 > On 11/24/18 9:17 PM, Jayson Smith wrote:

 > > I had a Mailman/DNS problem after upgrading a lot of packages. A
 > > message came in, Mailman couldn't properly look up the DMARC
 > > policy of the sending ISP, didn't munge the From: and sent the
 > > message on its way...
 > What was the lookup issue? I.e., what were the messages in Mailman's
 > error and maybe vette logs? What Mailman version is this?, beginning
 > with Mailman 2.1.25, some failures in DNS lookups of DMARC policy result
 > in mitigations being applied.

Another possibility would be to cache the results, as a fallback to
the DNS lookup.  If the cache hit rate is high enough (as it would be
for members-only lists -- the member test would be done first), this
should reduce DMARC lookup failures to near zero, which would allow
either mitigation-on-failure or quarantine-on-failure strategies by
default.  A more complex approach would be to lookup in the cache
first and trust it until the original lookup expires.  Both approaches
would have to be opt-in, of course.  I don't think either the space
impact or performance impact would be very great.

A brief RFE for Mailman 3 (which keeps a much more extensive database,
so is more likely to implement) is in


Associate Professor              Division of Policy and Planning Science
http://turnbull.sk.tsukuba.ac.jp/     Faculty of Systems and Information
Email: turnbull at sk.tsukuba.ac.jp                   University of Tsukuba
Tel: 029-853-5175                 Tennodai 1-1-1, Tsukuba 305-8573 JAPAN

More information about the Mailman-Users mailing list